<a id="APITutorial"><h1>Application Programming Interface</h1></a>

<h2> API - Getting Started</h2>
<p>
webERP comes with a simple to use and flexible API that allows client programs to access webERP in a safe and secure manner. If you wish to write an application that accesses webERP, either to post transactions, or to extract information, then you should use the API, rather than try to access the webERP database directly, as the API makes sure that the integrity of the data is maintained. The API is an &quot;<i>Application Program Interface</i>&quot;, that is intended to expose  functionality to external programs. There are currently a number of low level functions it exposes to enable external applications to retrieve  data and to update or insert data. However the API was structured in a manner that allows other protocols to be used very easily. All that would need to be done to use the SOAP protocol for instance would be to create an api_soap.php file with the same functions as the api_xmlrpc.php file.
</p>
<p>
The API uses the XML-RPC protocol to communicate between the client and the server. This was chosen because it is lightweight, simple, and easy to use. The API uses the XML-RPC for PHP - also called the phpxmlrpc class from Useful Inc originally developed by Edd Dumbill. This is an external library that is bundled with webERP code ready to run. Whilst the standard PHP XML-RPC extension could have been used, the extension is often not installed by default, so would add another dependency to webERP and complexity for the setup and installation of webERP.
</p>
<p>XML-RPC is a protocl to use XML to make RPC - remote procedure calls.</p>
<p>
Simply put the XML-RPC call is XML that contains the method of the remote procedure call together with any parameters and their data types and is sent over http as a POST to the XML-RPC server - the server returns an XML payload containing the results of the call. The parameters sent to the methods can contain arrays and associative arrays of data.</p>
<p>
The clever thing about XML-RPC is that it is the simplest protocol around for doing web-services. The newer and MUCH more complex SOAP - Simple Object Access Protocol - is quite involved and complicated.  is founded on the KISS principle.</p>
<p>
In fact the XML-RPC "Server" in  is just the script http://www.yourdomain.com//api/api_xml-rpc.php</p>
<p>There is no daemon background process running continuously to field calls to the "server" it is just a script that is http posted to by the XML-RPC call sending the XML encoded method to be run together with the necessary parameters to the  API - the server script runs the API php functions exposed by the xml-rpc methods and returns the XML-RPC response as an XML payload. The phpxmlrpc class does the packaging converting the PHP variables and arrays to the XML required for the XML-RPC call and also has the functions to convert the XML response into something useable in PHP without having to write the XML parsing routines.</p>
<p>There is one hardcoded parameter that needs to be set in the api before you start to use it. The database name - the company database - to use with the api is defined in the file api/api_php.php - the variable
<blockquote><pre>$api_DatabaseName=&quot;demo&quot;;</pre></blockquote>
<p>should be set before attempting to use the api.</p>
<p>
It is worthwhile reading a how-to on XML-RPC with PHP which explains in more detail what is going on as a primer for the concepts.</p>
<p>
The beauty of XML-RPC is that the client calling the  XML-RPC server and performing native  functions can be called from any language (with XML-RPC bindings). I have used Vala, Genie and Python. Python particularly has been very straight forward as it has an xmlrpclib bundled with it. Of course a PHP client is also possible and is demonstrated below.</p>
<p>
The API help is actually produced by an xml-rpc call to the API using the system.listMethods method (this is a phpxmlrpc method - not a  API method). Aother system xml-rpc method of phpxmlrpc class is used to return the details of each method&quot;s parameters required. So the help file not only documents each of the API methods it is itself and illustration of how the API can be used!!</p>
<p>In the narrative below, the word &quot;<i>Server</i>&quot; is used to refer to the host webERP installation - in fact the <i>&quot;server&quot;</i> this is the script webERP/xml-rpc/api_xmlrpc.php</p>
<p>The API is configured by default to use the company database weberpdemo, and this is hard coded in the script api/api_php.php on line 6:
<blockquote><pre><pre>
$api_DatabaseName=&quot;weberpdemo&quot;;
</pre></pre></blockquote>
<p>This database should be changed manually before the API can be used to the company database that you wish the API to access. Note that the API can only work on one company in a webERP installation. This is a limitation of the design.</p>
<p>Below is a simple example of how to use the API.</p>
<p>It is a simple <i>client</i> (a consumer of the API) application where the stock quantity for the item DVD-TOPGUN is retrieved from the webERP installation using the API.
<p>
<hr>
<blockquote><pre>
echo "Test  API";
//the xmlrpc class can output some funny warnings so make sure notices are turned off error_reporting (E_ALL & ~E_NOTICE);
/* you need to include the phpxmlrpc class - see link above - copy the whole directory structure of the class over to your client application from the /xmlrpc directory */

include ("xmlrpc/lib/xmlrpc.inc");

//if your  install is on a server at http://www.yourdomain.com/

$ServerURL = "http://www.yourdomain.com//api/api_xml-rpc.php";
$DebugLevel = 0; //Set to 0,1, or 2 with 2 being the highest level of debug info
$Parameters = array();

/* The trap for me was that each parameter needs to be run through xmlrpcval() - to create the necessary xml required for the rpc call if one of the parameters required is an array then it needs to be processing into xml for the rpc call through php_xmlrpc_encode()*/
$Parameters[&quot;StockID&quot;] = new xmlrpcval(&quot;DVD-TOPGUN&quot;); //the stockid of the item we wish to know the balance for

//assuming the demo username and password will work !
$Parameters[&quot;Username&quot;] = new xmlrpcval(&quot;admin&quot;);
$Parameters[&quot;Password&quot;] = new xmlrpcval(&quot;&quot;);

$Msg = new xmlrpcmsg(&quot;.xmlrpc_GetStockBalance&quot;, $Parameters);

$Client = new xmlrpc_client($ServerURL);
$Client-&gt;setDebug($DebugLevel);
$Response = $Client-&gt;send($Msg);
$Answer = php_xmlrpc_decode($Response-&gt;value());
if ($Answer[0]!=0){ //then the API returned some errors need to figure out what went wrong
    //need to figure out how to return all the error descriptions associated with the codes
} else { //all went well the returned data is in $answer[1]
    //answer will be an array of the locations and quantity on hand for DVD_TOPGUN so we need to run through the array to print out
    for ($i=0; $i &lt; sizeof($Answer[1]);$i++) {
        echo &quot;&quot; . $Answer[1][$i][&quot;loccode&quot;] . &quot; has &quot; . $Answer[1][$i][&quot;quantity&quot;] . &quot; on hand&quot;;
    }
}
</pre></blockquote>
<hr />
<p>
To create invoices in  you need to use the following methods:</p>
<p>
InsertOrderHeader InsertOrderLine - potentially multiple times for all the lines on the order then InvoiceSalesOrder - to invoice sales orders directly assuming the entire order is delivered - it cannot deal with controlled stock items though. However, it does process invoices in much the same way as standard  with updates to the stock quantities dispatched, GL entries and records required to record taxes and sales analysis records.</p>
<p>
To create a credit note just a sinlge API call is required:</p>
<p>
CreateCreditNote - to create a credit note from some base header data and an array of line items (as an associative array. In the same way as the InvoiceSalesOrder function this does all the same processing as a standard credit note from the interface in .</p>
<p>
There are some example scripts on the wiki showing how a number of the API XML-RPC functions are called - these scripts should be put on a web-server outside a  installation - all you need to do is edit the config.inc file to give the system your  username and password and the URL of your  installation you wish to connect to. As always playing with the examples helps to figure out how it all works.</p>
<br />
<h2>An Example Client</h2>
<p>For this example we will build a small PHP application that will first interrogate webERP for a full list of available stock locations, build them into an HTML drop down list and then allow a user to input a stock item code and return the quantity of stock of that item at the selected location. We will use PHP for simplicity but any language that has an xmlrpc library (just about every language) can be used to write a client.</p>
<p>Firstly we need the xmlrpc library, so we copy the xmlrpc sub-directory from webERP to this new project.</p>
<p>The basic code will look like this, and be saved into a file called index.php:</p>
<blockquote><pre>
&lt;html&gt;
    &lt;head&gt;
        &lt;!DOCTYPE html PUBLIC &quot;-//W3C//DTD XHTML 1.0 Strict//EN&quot;
            &quot;http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd&quot;&gt;
    &lt;/head&gt;
    &lt;body&gt;
        &lt;form action=&quot;index.html&quot; method=&quot;post&quot;&gt;
            Stock Code:&lt;input type=&quot;text&quot; name=&quot;StockID&quot; /&gt;&lt;br /&gt;
            Location:&lt;select name=&quot;location&quot;&gt;
            &lt;?php // Here will go the available stock locations from webERP?&gt;
            &lt;/select&gt;&lt;br /&gt;
            &lt;input type=&quot;submit&quot; name=&quot;submit&quot; value=&quot;Submit&quot; /&gt;
        &lt;/form&gt;
    &lt;/body&gt;
&lt;/html&gt;
</pre></pre></blockquote>
<p>As its name suggests, the xmlrpc function calls are made by sending an XML file with the function name and the parameters to the server, and receive an XML file back from the server.</p>
<p>To assist with this, the phpxmlrpc library that webERP uses (and we will use as well for our client) contains methods to encode our function call as XML, and to decode the XML that we receive back.</p>
<p>First off we need to include the xmlrpc library in our file, so immediately above the HTML, we need the following:</p>
<blockquote><pre>
&lt;?php
    include &quot;xmlrpc/lib/xmlrpc.inc&quot;;
    $xmlrpc_internalencoding=&quot;UTF-8&quot;;
    include &quot;xmlrpc/lib/xmlrpcs.inc&quot;;
?&gt;
</pre></blockquote>
<p>To populate the drop down box with the stock locations in it the API  function called webERP.xmlrpc_GetLocationList() is used. This function takes two parameters, a valid userid for the webERP instance, and the password for that user. Using the demo credentials is admin/weberp. Also, the file api_php.php must have the $api_databasename set to whatever the name of the database is on your target webERP installation.</p>
<p>The function to get the inventory locations will look like this, and be at the bottom of the file, within a PHP code section (ie &lt;?php ?&gt;).</p>
<blockquote><pre>
function GetLocations() {

    //Encode the user/password combination
    $UserID = php_xmlrpc_encode(&quot;admin&quot;);
    $Password = php_xmlrpc_encode(&quot;webERP&quot;);

    //Create a client object to use for xmlrpc call
    $Client = new xmlrpc_client(&quot;http://localhost/webERP/api/api_xml-rpc.php&quot;);

    //Create a message object, containing the parameters and the function name
    $Message = new xmlrpcmsg(&quot;webERP.xmlrpc_GetLocationList&quot;, array($UserID, $Password));
</pre></blockquote>
<p>The most common error just return no authorisation with no information about why this has happened. Most webERP API/XML-RPC calls returns an array containing two elements, the first - $Response[0] containing an integer code, and the second the result of the call, if one is expected. If the integer code is zero, this indicates success. Any other code indicates an error. These are the errors and the codes that are returned to represent them:
<blockquote><pre>
NoAuthorisation - 1
IncorrectDebtorNumberLength - 1000
DebtorNoAlreadyExists - 1001
IncorrectDebtorNameLength - 1002
InvalidAddressLine - 1003
CurrencyCodeNotSetup - 1004
SalesTypeNotSetup - 1005
InvalidClientSinceDate - 1006
HoldReasonNotSetup - 1007
PaymentTermsNotSetup - 1008
InvalidDiscount - 1009
InvalidPaymentDiscount - 1010
InvalidLastPaid - 1011
InvalidLastPaidDate - 1012
InvalidCreditLimit - 1013
InvalidInvAddrBranch - 1014
InvalidDiscountCode - 1015
InvalidEDIInvoices - 1016
InvalidEDIOrders - 1017
InvalidEDIReference - 1018
InvalidEDITransport - 1019
InvalidEDIAddress - 1020
InvalidEDIServerUser - 1021
InvalidEDIServerPassword - 1022
InvalidTaxRef - 1023
InvalidCustomerPOLine - 1024
DatabaseUpdateFailed - 1025
NoDebtorNumber - 1026
DebtorDoesntExist - 1027
IncorrectBranchNumberLength - 1028
BranchNoAlreadyExists - 1029
IncorrectBranchNameLength - 1030
InvalidEstDeliveryDays - 1031
AreaCodeNotSetup - 1032
SalesmanCodeNotSetup - 1033
InvalidFwdDate - 1034
InvalidPhoneNumber - 1035
InvalidFaxNumber - 1036
InvalidContactName - 1037
InvalidEmailAddress - 1038
LocationCodeNotSetup - 1039
TaxGroupIdNotSetup - 1040
ShipperNotSetup - 1041
InvalidDeliverBlind - 1042
InvalidDisableTrans - 1043
InvalidSpecialInstructions - 1044
InvalidCustBranchCode - 1045
BranchNoDoesntExist - 1046
StockCodeDoesntExist - 1047
StockCategoryDoesntExist - 1048
IncorrectStockDescriptionLength - 1049
IncorrectUnitsLength - 1050
IncorrectMBFlag - 1051
InvalidCurCostDate - 1052
InvalidActualCost - 1053
InvalidLowestLevel - 1054
InvalidDiscontinued - 1055
InvalidEOQ - 1056
InvalidVolume - 1057
InvalidKgs - 1058
IncorrectBarCodeLength - 1059
IncorrectDiscountCategory - 1060
TaxCategoriesDoesntExist - 1061
InvalidSerialised - 1062
IncorrectAppendFile - 1063
InvalidPerishable - 1064
InvalidDecmalPlaces - 1065
IncorrectLongStockDescriptionLength - 1066
StockCodeAlreadyExists - 1067
TransactionNumberAlreadyExists - 1068
InvalidTranDate - 1069
InvalidSettled - 1070
IncorrectReference - 1071
IncorrectTpe - 1072
InvalidOrderNumbers - 1073
InvalidExchangeRate - 1074
InvalidOVAmount - 1075
InvalidOVGst - 1076
InvalidOVFreight - 1077
InvalidDiffOnExchange - 1078
InvalidAllocation - 1079
IncorrectInvoiceText - 1080
InvalidShipVia - 1081
InvalidEdiSent - 1082
InvalidConsignment - 1083
InvalidLastCost - 1084
InvalidMaterialCost - 1085
InvalidLabourCost - 1086
InvalidOverheadCost - 1087
InvalidCustomerRef - 1088
InvalidBuyerName - 1089
InvalidComments - 1090
InvalidOrderDate - 1091
InvalidDeliverTo - 1092
InvalidFreightCost - 1094
InvalidDeliveryDate - 1095
InvalidQuotationFlag - 1096
OrderHeaderNotSetup - 1097
InvalidUnitPrice - 1098
InvalidQuantity - 1099
InvalidDiscountPercent - 1100
InvalidNarrative - 1101
InvalidItemDueDate - 1102
InvalidPOLine - 1103
GLAccountCodeAlreadyExists - 1104
IncorrectAccountNameLength - 1105
AccountGroupDoesntExist - 1106
GLAccountSectionAlreadyExists - 1107
IncorrectSectionNameLength - 1108
GLAccountGroupAlreadyExists - 1109
GLAccountSectionDoesntExist - 1110
InvalidPandL - 1111
InvalidSequenceInTB - 1112
GLAccountGroupDoesntExist - 1113
InvalidLatitude - 1114
InvalidLongitude - 1115
CustomerTypeNotSetup - 1116
NoPricesSetup - 1117
InvalidInvoicedQuantity - 1118
InvalidActualDispatchDate - 1119
InvalidCompletedFlag - 1120
InvalidCategoryID - 1121
InvalidCategoryDescription - 1122
InvalidStockType - 1123
GLAccountCodeDoesntExists - 1124
StockCategoryAlreadyExists - 1125
SupplierNoAlreadyExists - 1126
IncorrectSupplierNameLength - 1127
InvalidSupplierSinceDate - 1128
InvalidBankAccount - 1129
InvalidBankReference - 1130
InvalidBankPartics - 1131
InvalidRemittanceFlag - 1132
FactorCompanyNotSetup - 1133
SupplierNoDoesntExists - 1134
InvalidSuppliersUOM - 1135
InvalidConversionFactor - 1136
InvalidSupplierDescription - 1137
InvalidLeadTime - 1138
InvalidPreferredFlag - 1139
StockSupplierLineDoesntExist - 1140
InvalidRequiredByDate - 1141
InvalidStartDate - 1142
InvalidCostIssued - 1143
InvalidQuantityRequired - 1144
InvalidQuantityReceived - 1145
InvalidStandardCost - 1146
IncorrectSerialNumber - 1147
WorkOrderDoesntExist - 1148
InvalidIssuedQuantity - 1149
InvalidTransactionDate - 1150
InvalidReceivedQuantity - 1151
ItemNotControlled - 1152
ItemSerialised - 1153
BatchNumberDoesntExist - 1154
BatchIsEmpty - 1155
NoSuchArea - 1156
NoSuchSalesMan - 1157
NoCompanyRecord - 1158
NoReadOrder - 1159
NoReadOrderLines - 1160
NoTaxProvince - 1161
TaxRatesFailed - 1162
NoReadCustomerBranch - 1163
NoReadItem - 1164
MustBeReceiptOrCreditNote - 1165
NoTransactionToAllocate - 1166
</pre></blockquote>

<p>As you can see error code 1 indicates &quot;NoAuthorisation&quot; which will be the error returned if the user name or password is incorrect and also if the name of the database to be used in the api call is not specified correctly in the file webERP/api/api_php.php in the variable:</p>
<blockquote><pre>
$api_DatabaseName=&quot;weberpdemo&quot;;
</pre></blockquote>
<p>To catch the errors we create a session variable to hold any error messages that happen, so that we can show the to the user. So the initialisation code at the top of index.php becomes:</p>

<blockquote><pre>&lt;?php
include &quot;xmlrpc/lib/xmlrpc.inc&quot;;
$xmlrpc_internalencoding=&quot;UTF-8&quot;;
include &quot;xmlrpc/lib/xmlrpcs.inc&quot;;
$_SESSION[&quot;Errors&quot;] = array();
?&gt;
</pre></blockquote>
<p>and then at the bottom of the output we have a loop to output these errors:</p>
<blockquote><pre>
foreach ($_SESSION[&quot;Errors&quot;] as $Error) {
    echo $Error;
}
</pre></blockquote>
<br />Now we just need to capture that error. We need to put this code at the bottom of the GetLocations() function so that it now reads:
<blockquote><pre>
if ($ReturnValue[0] == 0) {
    return $ReturnValue[1];
} elseif ($ReturnValue[0] == 1) {
    $_SESSION[&quot;Errors&quot;][] = &quot;Incorrect login/password credentials used&quot;;
}
</pre></blockquote>
<br />Now run the index.php script again in your browser and you should get output similar to this:
<br />
<br />We just need to put this code at the bottom of our other functions, and then they will all be able to catch this error.
<br />
<br />Now if we put the proper password back in index.php should work as before.
<br />
<br />Now try entering a stock code that you know doesn&quot;t exist and see what happens. I entered a part code called &quot;wrong&quot; and this is what I see.
<br />
<br />This is not very helpful output so we need catch this error. A quick look here shows that error code 1047 is &quot;StockCodeDoesntExist&quot; and this should be returned if the code we entered is wrong. So we need to capture error 1047 in the GetStockQuantity() function. The code at the end of this function now becomes:
<blockquote><pre>
} elseif ($ReturnValue[0] == 1) {
    $_SESSION[&quot;Errors&quot;][] = &quot;Incorrect login/password credentials used&quot;;
} elseif ($ReturnValue[0] == 1047) {
    $_SESSION[&quot;Errors&quot;][] = &quot;The stock code you entered does not exist&quot;;
}
</pre></blockquote>
<br />So now the function is checking that the user/password is correct and also checking that the stock code is correct and providing useful feedback in the case of any problems. We could go on and check for other errors but this should be enough for now.
<br />
<br />To do this we need a function much like the one we used to extract the array of location codes. Here is the full code:
<blockquote><pre>
    function LocationName($LocationCode) {

//Encode the data items
  $UserID = php_xmlrpc_encode("admin");
        $Password = php_xmlrpc_encode("webERP");
        $Code = php_xmlrpc_encode($LocationCode);

        //Create a client object to use for xmlrpc call and set its debug level to zero
        $Client = new xmlrpc_client("http://localhost/webERP/api/api_xml-rpc.php");
        $Client->setDebug(0);

        //Create a message object, containing the parameters and the function name
        $Message = new xmlrpcmsg(&quot;webERP.xmlrpc_GetLocationDetails&quot;, array($Code, $UserID, $Password));

        //Use the client object to send the message object to the server, returning the response
        $Response = $Client->send($Message);

        //Decode the response and return the array
        $ReturnValue = php_xmlrpc_decode($Response->value());
        if ($ReturnValue[0] == 0) {
            return $ReturnValue[1][&quot;locationname&quot;];
        }
    }
</pre></blockquote>
<br />
<p>The first section encodes the parameters as XML. The first two parameters are always the userid/password combination, and for this function call we need a third parameter, which is the code of the location that we require the name of. The second section is identical to the previous function and creates an instance of the XML-RPC client class. The third section then creates an instance of the message class, with the first parameter being the full name of the API function being called, in this case webERP.xmlrpc_GetLocationDetails, and then the second parameter is an array of the encoded parameters, (location code, userid, password). This message is then sent to the server, and the response decoded into an array called $ReturnValue.</p>
<p>As last time the first element of the array signifies whether the function was successful (a zero), or any other integer for an error code. The second element is an associative array of details for that location. The key of each element is the field name for that value. In our case we just want the location name, so we return the element [&quot;locationname&quot;]. If it was the telephone number we were interested in we would just return the [&quot;tel&quot;] element.</p>
<p>Changing the line in the HTML where we fill the drop down box to:</p>
<blockquote><pre>
echo &lt;option value=&quot; . $LocationCode . &quot;&gt; . LocationName($LocationCode) . &quot;&lt;/option&gt;&quot;;
</pre></blockquote>
<p>The full name of the location appears in the drop down the list, but the value returned by the form is still just the code.</p>
<p>All that is left to complete our client, is to type a stock code in the text box, submit the form and return the amount of stock for that code at the chosen location. First we need to insert some PHP code in the HTML to handle the form being sent:</p>

<blockquote><pre>
if (isset($_POST[&quot;submit&quot;])) {
    echo &quot;The quantity of &quot; . $_POST[&quot;StockID&quot;] . &quot; at &quot; . $_POST[&quot;location&quot;] . &quot; is : &quot; . GetStockQuantity($_POST[&quot;StockID&quot;], $_POST[&quot;location&quot;]);
}
</pre></blockquote>
<p>As you can see this calls another PHP function - GetStockQuantity() - that retrieves the stock quantity for the required item at the required location. Looking at the API function reference in the manual the API function we require is webERP.xmlrpc_GetStockBalance. However this time there is a small addition we require as this function returns an array containing the stock balances at all the locations for the given stock item.</p>
<p>The full code for the PHP function is:</p>
<blockquote><pre>
function GetStockQuantity($StockID, $LocationCode) {
    //Encode the data items
    $UserID = php_xmlrpc_encode(&quot;admin&quot;);
    $Password = php_xmlrpc_encode(&quot;webERP&quot;);
    $StockCode = php_xmlrpc_encode($StockID);

    //Create a client object to use for xmlrpc call and set its debug level to zero
    $Client = new xmlrpc_client("http://localhost/webERP/api/api_xml-rpc.php");
    $Client->setDebug(0);
    //Create a message object, containing the parameters and the function name
    $Message = new xmlrpcmsg(&quot;webERP.xmlrpc_GetStockBalance&quot;, array($StockCode, $UserID, $Password));
    //Use the client object to send the message object to the server, returning the response
    $Response = $Client->send($Message);
    //Decode the response and return the array
    $ReturnValue = php_xmlrpc_decode($Response->value());
    if ($ReturnValue[0] == 0) {
        $Items = $ReturnValue[1];
        for ($i=0; $i &lt; sizeOf($Items); $i++) {
            if ($Items[$i][&quot;loccode&quot;]==$LocationCode) {
                return $Items[$i][&quot;quantity&quot;];
            }
        }
    }
}
</pre></blockquote>
<br />
<p>I wont go through this in details as it is mostly the same as the previous functions. The key section is the last:</p>
<blockquote><pre>
    $ReturnValue = php_xmlrpc_decode($Response->value());
    if ($ReturnValue[0] == 0) {
        $Items = $ReturnValue[1];
        for ($i=0; $i &lt; sizeOf($Items); $i++) {
            if ($Items[$i][&quot;loccode&quot;]==$LocationCode) {
                return $Items[$i][&quot;quantity&quot;];
            }
        }
    }
</pre></blockquote>
<br />Here the RPC returns an array of locations with the stock quantities for each location, and we filter out the location we need.
<br />
<br />Showing that we have returned the correct numbers.